Hi,
this can be done, but it requires some configuration within the security domains.
All domains are configured in the repository and can be found in the CMS console at the path:
/hippo:configuration/hippo:frontend/cms
Now to shield them off you need to modify (or create a new domain) in the hippo domains section.
You can take an example of how the admin and dev perspective are now shield of from any other type of user then users in the admin group at:
/hippo:configuration/hippo:domains/frontendconfig/frontend-plugins
For further reading I would advise you to read the entire 'Authorization section' in our documentation:
http://www.onehippo.org/library/concepts/security/repository-authorization-and-permissions.htmlThat should help you understand how it's working right now and what you can do to achieve your task.
Kind regards,
Jeroen